
This is an old revision of the document!



DenyHosts

General

DenyHosts blocks IP addresses from which SSH break-in attempts are detected.

Blocked IP addresses are added to /etc/hosts.deny.

See also: http://www.geekride.com/index.php/secure-your-ssh-server-with-denyhosts/

Slackware

DenyHosts is available at www.slackbuilds.org

After installing, copy the config files to /etc:

cp /usr/share/denyhosts/denyhosts.cfg-dist /etc/denyhosts.cfg
ln /usr/share/denyhosts/denyhosts.cfg-dist /etc/denyhosts.cfg.sborg
cp /usr/share/denyhosts/daemon-control-dist /etc/rc.d/rc.denyhosts
ln /usr/share/denyhosts/daemon-control-dist /etc/rc.d/rc.denyhosts.sborg

Edit /etc/rc.d/rc.denyhosts:

--- rc.denyhosts.sborg  2006-04-22 01:04:43.000000000 +0200
+++ rc.denyhosts        2013-11-22 09:59:08.803109065 +0100
@@ -12,8 +12,8 @@
 ###############################################
 
 DENYHOSTS_BIN   = "/usr/bin/denyhosts.py"
-DENYHOSTS_LOCK  = "/var/lock/subsys/denyhosts"
-DENYHOSTS_CFG   = "/usr/share/denyhosts/denyhosts.cfg"
+DENYHOSTS_LOCK  = "/var/run/denyhosts.pid"
+DENYHOSTS_CFG   = "/etc/denyhosts.cfg"
 
 PYTHON_BIN      = "/usr/bin/env python"
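Review bot: DENYHOSTS_LOCK now names /var/run/denyhosts.pid, so LOCK_FILE in /etc/denyhosts.cfg has to name exactly the same file, otherwise the control script and the daemon look at different lock files. A short comment next to the two changed lines that points at the matching LOCK_FILE setting would keep them in step on the next edit.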

Edit /etc/denyhosts.cfg:

--- denyhosts.cfg.sborg 2006-08-20 16:09:57.000000000 +0200
+++ denyhosts.cfg       2013-11-22 10:21:38.564117102 +0100
@@ -9,13 +9,13 @@
 # argument
 #
 # Redhat or Fedora Core:
-SECURE_LOG = /var/log/secure
+#SECURE_LOG = /var/log/secure
 #
 # Mandrake, FreeBSD or OpenBSD:
 #SECURE_LOG = /var/log/auth.log
 #
 # SuSE:
-#SECURE_LOG = /var/log/messages
+SECURE_LOG = /var/log/messages
 #
 # Mac OS X (v10.4 or greater -
 #   also refer to:   http://www.denyhosts.net/faq.html#macos
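Review bot: the active SECURE_LOG line sits under the "# SuSE:" label although this is a Slackware install. Add a "# Slackware:" comment above it, and confirm that sshd's failed-login messages really end up in /var/log/messages on this host, since that is the only file DenyHosts is told to read here.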
@@ -55,10 +55,10 @@
 #            'y' = years
 #
 # never purge:
-PURGE_DENY =
+#PURGE_DENY =
 #
 # purge entries older than 1 week
-#PURGE_DENY = 1w
+PURGE_DENY = 1w
 #
 # purge entries older than 5 days
 #PURGE_DENY = 5d
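Review bot: the purge behind PURGE_DENY = 1w is unverified, as the page still carries an open FIXME on --purge. After the first week, confirm that old entries really disappear from /etc/hosts.deny, and note in a comment why one week was chosen over the shipped setting of never purging.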
@@ -192,10 +192,10 @@
 # running at a time.
 #
 # Redhat/Fedora:
-LOCK_FILE = /var/lock/subsys/denyhosts
+#LOCK_FILE = /var/lock/subsys/denyhosts
 #
 # Debian
-#LOCK_FILE = /var/run/denyhosts.pid
+LOCK_FILE = /var/run/denyhosts.pid
 #
 # Misc
 #LOCK_FILE = /tmp/denyhosts.lock

Finally add

/etc/rc.d/rc.denyhosts start

to /etc/rc.d/rc.local

More info at /usr/share/denyhosts/README.txt
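
An added example (not part of the original wiki page or of DenyHosts itself): a shell check that the two edited files agree, i.e. exactly one active SECURE_LOG, LOCK_FILE and PURGE_DENY line, the same lock path in both files, and DENYHOSTS_CFG pointing to /etc/denyhosts.cfg. The function names and the sample files are constructed for illustration.

```shell
# Print every active (uncommented) value of KEY in a denyhosts.cfg-style file.
cfg_values() {  # usage: cfg_values KEY FILE
    sed -n "s/^[[:space:]]*${1}[[:space:]]*=[[:space:]]*//p" "$2" | sed 's/[[:space:]]*$//'
}

# Print the quoted value assigned to NAME in the daemon-control script.
rc_value() {  # usage: rc_value NAME FILE
    sed -n 's/^'"$1"'[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$2" | head -n 1
}

# Print each finding; the return status is the number of findings (0 = consistent).
check_denyhosts() {  # usage: check_denyhosts CFG_FILE RC_FILE [EXPECTED_CFG_PATH]
    cfg=$1 rcfile=$2 expect=${3:-$1} problems=0
    for key in SECURE_LOG LOCK_FILE PURGE_DENY; do
        # Toggling comments by hand easily leaves zero or two active lines.
        n=$(cfg_values "$key" "$cfg" | wc -l | tr -d ' ')
        if [ "$n" -ne 1 ]; then
            echo "$key: $n active lines in $cfg, expected exactly 1"
            problems=$((problems + 1))
        fi
    done
    lock_cfg=$(cfg_values LOCK_FILE "$cfg" | head -n 1)
    lock_rc=$(rc_value DENYHOSTS_LOCK "$rcfile")
    if [ "$lock_cfg" != "$lock_rc" ]; then
        echo "lock mismatch: LOCK_FILE=$lock_cfg, DENYHOSTS_LOCK=$lock_rc"
        problems=$((problems + 1))
    fi
    if [ "$(rc_value DENYHOSTS_CFG "$rcfile")" != "$expect" ]; then
        echo "DENYHOSTS_CFG in $rcfile does not point to $expect"
        problems=$((problems + 1))
    fi
    if [ -z "$(cfg_values PURGE_DENY "$cfg" | head -n 1)" ]; then
        echo "PURGE_DENY is empty or missing: blocked entries are never purged"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: the relevant lines as they stand after both diffs.
make_sample() {  # usage: make_sample DIR
    printf '%s\n' '#SECURE_LOG = /var/log/secure' 'SECURE_LOG = /var/log/messages' \
        '#PURGE_DENY =' 'PURGE_DENY = 1w' '#LOCK_FILE = /var/lock/subsys/denyhosts' \
        'LOCK_FILE = /var/run/denyhosts.pid' > "$1/denyhosts.cfg"
    printf '%s\n' 'DENYHOSTS_LOCK  = "/var/run/denyhosts.pid"' \
        'DENYHOSTS_CFG   = "/etc/denyhosts.cfg"' > "$1/rc.denyhosts"
}
d=$(mktemp -d) && make_sample "$d"
check_denyhosts "$d/denyhosts.cfg" "$d/rc.denyhosts" /etc/denyhosts.cfg && echo "sample: consistent"
rm -rf "$d"
```

On a real host, run `check_denyhosts /etc/denyhosts.cfg /etc/rc.d/rc.denyhosts` before the first start.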

FIXME Check --purge

Debian

Install denyhosts with aptitude install denyhosts. This also adds the necessary autostart scripts and symlinks in /etc/init.d, /etc/rcX.d and /etc/logrotate.d. It further sets some default entries in /etc/hosts.deny and starts denyhosts.

Config file is /etc/denyhosts.conf

By doing so, attackers will be blocked from all ports, e.g. HTTP as well. The IP addresses will be unblocked after half a year.
Then restart with /etc/init.d/denyhosts restart.

becki/linux/denyhosts.1385113929.txt.gz · Last modified: 2013-11-22 09:52 by admin
